As new hardware components are released, BIOS patches are necessary to ensure that the system can fully support them. This is particularly important for newer CPUs, RAM, and storage devices, where BIOS updates may be required for optimal performance or new features. Some BIOS updates optimize the system's performance by refining hardware initialization, improving power management, or enabling better control over system resources.
Drivers are a critical part of a computer system. As operating systems and software evolve, outdated drivers may no longer be compatible with newer software or operating system versions. Patching drivers ensures continued compatibility, enhancing system functionality and stability. Driver patches introduce new features, optimizations, or better integration with modern hardware, such as supporting newer graphics technologies or offering new functionality for devices.
Hence, it is crucial that you update your system BIOS and drivers regularly. Using Endpoint Central, you can deploy BIOS and Driver Updates via an automated task or manually. Some BIOS are password protected; you can patch them too using Endpoint Central
If you want the BIOS updates and Driver Updates to be managed by Endpoint Central, go to Threats & Patches → Settings → Patch Database Settings.
Under Select the patches that you wish to manage, ensure that Driver and BIOS are selected under Windows, and then click on Save.
Below is the list of supported devices for Driver and BIOS updates.
Note: BIOS and Driver updates are currently supported in Endpoint Central from build version 10.0.423. Only the below mentioned BIOS and Drivers are supported.
Configuring password protection for the BIOS in the systems of the network is often the first step of defense in preventing unauthorized access to the system. In addition, this also forbids malicious/unauthorized users from making changes to the system's hardware and software configurations.
However, this added security layer can prove to be a hassle, especially when it comes to deploying BIOS updates across the endpoints in your organization's network. Since these updates require authentication via credentials before installation, this would mean relying on the end-users to input the credentials for a successful installation, thus leading to either productivity breaks or a lesser chance of successful installations.
The Password-protected BIOS Patching functionality lets you deploy updates for the protected BIOS, without having to rely on the end-user for password authentication.
To support BIOS patching with password protection on Dell machines, it's essential to have the Dell PowerShell module installed on each endpoint.
By leveraging this functionality, you can store the pre-configured BIOS passwords of the end-user systems on the product server. This ensures that the BIOS updates are deployed and the passwords are automatically fetched and installed from the server storage, for a seamless installation.
Note: Refer to this page to learn how to identify if the BIOS on Dell machines is password-protected.
While this feature is enabled by default in the server, you are required to add and map the credentials before deploying the patches for a successful installation. Here are the steps:
Once the credentials have been mapped, the BIOS updates can be deployed to the systems manually.
You can review and monitor the BIOS-mapping status of all the systems in the network from a single dashboard. To know more about how to review the status of these systems on the console, refer to this page
If you have any further questions, please refer to our Frequently Asked Questions section for more information.
